##################################
# debug user group and membership
#
debug_ensure_users                     = False
debug_ensure_group                     = False
debug_ensure_membership                = False
debug_ensure_user_group_and_membership = False

##############
# Ensure User
#
def _ensure_user(first_name,last_name,email,password):
    '''
    Here we could return results and a message
    create user or user exists for example
    '''
    users = db(db.auth_user.email==email).select() #GAE
    if users:
        user_id = users[0].id
        created = False
        return (user_id,created)
    else:
        my_crypt = CRYPT(key=auth.settings.hmac_key)
        crypt_pass = my_crypt(password)[0]        
        id_user= db.auth_user.insert(
                                   first_name=first_name,
                                   last_name=last_name,
                                   email = email,
                                   password = crypt_pass
                                   )
        created = True
        return (id_user,created)

####################
# ensure user debug
#
def _ensure_users():
    user_id, created = _ensure_user('one','ones','one@ones.com','passwordOne')
    if debug_ensure_users:
        print ('user id %i') % user_id
        print ('created %s') % created
    user_id, created = _ensure_user('two','twos','two@twos.com','passwordtwo')
    if debug_ensure_users:
        print ('user id %i') % user_id
        print ('created %s') % created
    user_id, created = _ensure_user('three','threes','three@threes.com','passwordthree')
    if debug_ensure_users:
        print ('user id %i') % user_id
        print ('created %s') % created

if debug_ensure_users:
    print('begin debug_ensure_users')
    _ensure_users()

#########################
# ensure auth group role
#
def _ensure_group_role(role,description):
    '''
    If the specified role exists return the role_id otherwise
    create it using the provided description.
    
    In either case return the auth_group_id for the specified
    group
    '''
    auth_group_role = db(db.auth_group.role==role).select()
    if auth_group_role:
        group_id = auth_group_role[0].id
        created = False
        return (group_id,created)
    else:
        group_id = db.auth_group.insert(
                                    role=role,
                                    description=description
                                    )
        created = True
        return (group_id,created)

if debug_ensure_group:
    group_id, created = _ensure_group_role('group1','this is group1 description')
    print ('group id %i') % group_id
    print ('created %s') % created
    group_id, created = _ensure_group_role('group2','this is group2 description')
    print ('group id %i') % group_id
    print ('created %s') % created 
    group_id, created = _ensure_group_role('group3','this is group3 description')
    print ('group id %i') % group_id
    print ('created %s') % created
    
####################
# ensure membership
#
def _ensure_membership(group_id, user_id):
    return_group_id = auth.add_membership(group_id, user_id)
    return return_group_id

##########################
# ensure membership debug
#
if debug_ensure_membership:
    user_id, created = _ensure_user('firstName','LastName','email@address.com','password')
    group_id, created = _ensure_group_role('testers','this is the testers group')
    return_group_id = _ensure_membership(group_id, user_id)
    print return_group_id

##################################
# debug user group and membership
#
if debug_ensure_user_group_and_membership:
    user_id, created = _ensure_user('test','tester','test@tester.com','test')
    group_id, created = _ensure_group_role('testers','this is the testers group')
    return_group_id = _ensure_membership(group_id, user_id)
    print return_group_id

#######################################
# add addmin user group and membership
#
administrator_role = 'admin_plugin_admin'
create_role        = 'create_plugin_admin'
read_role          = 'read_plugin_admin'
update_role        = 'update_plugin_admin'
delete_role        = 'delete_plugin_admin'

developer_role     = 'developer'

user_id, created = _ensure_user('admin','administrator','admin@administrator.com','admin')
group_id, created = _ensure_group_role(administrator_role,'administrators')
return_group_id = _ensure_membership(group_id, user_id)
group_id, created = _ensure_group_role(create_role,'create role')
return_group_id = _ensure_membership(group_id, user_id)
group_id, created = _ensure_group_role(read_role,'read role')
return_group_id = _ensure_membership(group_id, user_id)
group_id, created = _ensure_group_role(delete_role,'update role')
return_group_id = _ensure_membership(group_id, user_id)
group_id, created = _ensure_group_role(update_role,'delete roles')
return_group_id = _ensure_membership(group_id, user_id)
group_id, created = _ensure_group_role(developer_role,'developers role')
return_group_id = _ensure_membership(group_id, user_id)
# print return_group_id

#################################################
# plugin_admin menu items
#
# Append one or more additional menu items to reponse.menu using +=

# if auth.is_logged_in():
if auth.has_membership(auth.id_group(administrator_role)):
    response.menu+= [   
    (T('admin'), False, URL(request.application,'plugin_admin','index'),
      [
      (T('about'), False, URL(request.application,'plugin_admin','display_static',args='ABOUT'),[]),  
      (T('readme'), False, URL(request.application,'plugin_admin','display_static',args='README'),[]),  
      (T('roadmap'), False, URL(request.application,'plugin_admin','display_static',args='ROADMAP'),[]),        
      (T('license'), False, URL(request.application,'plugin_admin','display_static',args='LICENSE'),[]),
      (T('universal cake'), False, URL(request.application,'plugin_admin','display_static',args='UNIVERSAL_CAKE'),[]),
      (T('voice of access'), False, URL(request.application,'plugin_admin','display_static',args='VOICE_OF_ACCESS'),[]),       
      ]
   )]
